A good set of notes for end users, which would work well in a corporate awareness programme:
I recently undertook this certification. Long overdue, I had an opportunity to pursue CEH over a decade ago, but opted to take the Red Hat Certified Engineer (RHCE) Standard Track at the time. How did it go?
NMAP has some useful active fingerprinting capabilities, sending a variety of packets and carrying out evaluation of virtually every packet bit. It is a great help if you have nothing more than an IP address to go on, and need to quickly narrow down the platform type (e.g. using nmap -O -sV ).
Here’s a summary of my advice on LinkedIn regarding the Dot EU domain and Brexit.
In this post I wanted to explore some of the lesser used features of iptables, and showing how iptables can be combined with a dual-homed Linux server to act as a data rate control. This is a cheap alternative to using a dedicated firewall.
In my experience, you can never have enough logging information. If you’re trying to piece together the causes of system failure, or attempting to trace the origins of a cyber-attack, you’re logs are often crucial in either case. In this post I’ll show how you can enhance a Linux installation to log all outbound TCP connections for future reference.
Squid is a capable proxy, and can be used to enforce security rules for small and medium sized organisations. It’s also a cost-effective solution, e.g. if you’re implementing AP17.
Following on from part 1 of this blog series, in this second blog post in my series, I’m asking the question “what should a good ad-hoc risk/impact assessment look like?”
I’ve seen a lot of attempts over the years at technical security assessments (TSAs, as good as any other term to describe them), both more GRC-oriented and technically-focused.
I’ve not yet seen a TSA that fits the bill fully, so in this post I’m setting out some ideas on what makes a good assessment and when it should be used.
For several weeks I’ve been trialling WordFence on my blog, not that you’d have noticed it.
WordFence is a plugin that can be added to any existing WordPress installation, adding Intrusion Detection and Prevention capabilities usually encountered on application layer gateways.